<?php

require($_SERVER['DOCUMENT_ROOT'] . "/bootstrap.php");
if ($session_email == '')
	$error = 1;
else
	$error = 0;
$smarty->assign("error", $error);

if (isset($_GET['ordercode']))
	$ordercode = $_GET['ordercode'];
else
	$ordercode = 0;

$sql = @"SELECT * 
			FROM user u, listorder l
			WHERE l.ordercode = '{$ordercode}' and l.iduser = u.id";
$query = mysql_query($sql);
while ($row = mysql_fetch_array($query)) {
	$user_information[] = $row;
}
$smarty->assign("user_information", $user_information);
/*
  $detailorder = mysql_fetch_array(mysql_query(@"select * from listorder where idlistorder=$idorder"));

  // Xử lý, tách cái order_product ra mảng 2 chiều
  $order_product_temp = explode("|||||", $detailorder["order_product"]);
  array_pop($order_product_temp);
  foreach ($order_product_temp as $order_product_temp_item) {
  $temp = explode("&&&&&", $order_product_temp_item);
  $order_product[] = $temp;
  }
  // End - Xử lý, tách cái order_product ra mảng 2 chiều
  $detailorder["order_product"] = $order_product;

  $list_id = "";
  foreach($detailorder["order_product"] as $item)
  {
  $list_id =  $list_id . $item[0] . ", ";
  }
 */
$detailproduct1 = mysql_query(@"select p.productname,p.image,d.number,d.priece,p.idproduct, c.link
	from product p, detailorder d, category c
	where p.idproduct=d.idproduct and c.idcategory = p.idcategory and d.ordercode='$ordercode'");
while ($row = mysql_fetch_array($detailproduct1)) {
	$detailproduct[] = $row;
}
$listorder1 = mysql_fetch_array(mysql_query(@"select * from listorder where ordercode='$ordercode'"));

$smarty->assign("listorder1", $listorder1);

$smarty->assign("detailproduct", $detailproduct);

//$smarty->assign('detailorder', $detailorder);
//$smarty->assign('detailproduct', $listdetailorder);
// kiem tra xem có phải là admin hay không? và xem người xem hóa đơn có phải là chính chủ không?

$detailorder_error = 0;
if ($user_information[0]['email'] != $_SESSION['email'] && $user_loginned != "admin") {
	$detailorder_error = 1;
}
if ($user_loginned_staff == "ketoan")
	$detailorder_error = 0;
//end
$smarty->assign("detailorder_error", $detailorder_error);
$smarty->display("../templates/detailorder/index.tpl");